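/**
 * Sends a stored image, or one of its geo-referenced derivatives, to the client as a download.
 *
 * Both $id and the `fileName` request parameter are supplied by the caller of this
 * action, so the resolved path must stay inside /assets/images and the suggested
 * file name is reduced to characters that cannot terminate the quoted
 * Content-Disposition value.
 *
 * @acl access public
 *
 * @param string      $id     Image identifier, used as the base name under /assets/images/.
 * @param string|null $format 'geojson' or 'geotiff' selects the warped derivative; any other value serves the file named $id.
 *
 * @return string|void Error message when nothing could be served; on success the file is streamed and the script exits.
 */
public function get($id, $format = null)
{
    try {
        $request = new \Phalcon\Http\Request();
        $fileName = $request->get('fileName', null, '');
        if (!is_string($fileName)) {
            // An array-valued parameter (fileName[]=...) must not reach the header below.
            $fileName = '';
        }
        $appConfig = $this->getDI()->get(Application::DI_CONFIG);

        switch ($format) {
            case 'geojson':
                $file = '/assets/images/' . $id . '_geo_warp.json';
                $fileName = preg_replace('~\\..*$~', '_geo_json.json', $fileName);
                break;
            case 'geotiff':
                $file = '/assets/images/' . $id . '_geo_warp.' . $appConfig['gdal']['fileExtension'];
                $fileName = preg_replace('~\\..*$~', '_geo_tiff.' . $appConfig['gdal']['fileExtension'], $fileName);
                break;
            default:
                $file = '/assets/images/' . $id;
                break;
        }

        // Resolve "..", symlinks and duplicate separators, then require the result to
        // sit below the image directory; anything else is reported as a missing file.
        $baseDir = realpath('/assets/images');
        $realFile = strpos($file, "\0") === false ? realpath($file) : false;
        $isInsideBase = $baseDir !== false
            && $realFile !== false
            && strpos($realFile, $baseDir . DIRECTORY_SEPARATOR) === 0;

        // is_file() rather than file_exists(): a directory is not downloadable.
        if ($isInsideBase && is_file($realFile)) {
            // Control characters, quotes and path separators are replaced so the value
            // stays a single token inside filename="...".
            $fileName = preg_replace('~[\x00-\x1F\x7F"\\\\/]~', '_', (string) $fileName);
            if ($fileName === '') {
                $fileName = basename($realFile);
            }

            header('Content-Description: File Transfer');
            header('Content-Type: application/octet-stream');
            header('Content-Disposition: attachment; filename="' . $fileName . '"');
            header('Expires: 0');
            header('Cache-Control: must-revalidate');
            header('Pragma: public');
            header('Content-Length: ' . filesize($realFile));
            readfile($realFile);
            exit;
        }

        throw new Exception('File not found.');
    } catch (Exception $ex) {
        return $ex->getMessage();
    }
}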
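/**
 * Dispatches a service call named by the `request` parameter and writes the
 * handler's result to the response as JSON.
 *
 * Parameter names are matched case-insensitively (keys are folded to lower case)
 * and the operation name is sanitized and lower-cased before dispatch. An absent
 * or unknown operation produces a JSON `null`.
 *
 * NOTE(review): Request::get() with no name returns the merged request parameters,
 * so the mutating operations (delete, create, update, transaction) are reachable
 * from a plain GET. No authentication, authorization or CSRF check is visible in
 * this function; confirm they are enforced before this dispatcher runs.
 *
 * @return void
 */
function request()
{
    global $app;

    $httprequest = new Phalcon\Http\Request();
    $data = array_change_key_case($httprequest->get(), CASE_LOWER);

    // A missing or array-valued `request` parameter is treated as "no operation"
    // instead of raising an undefined-index notice.
    $operation = isset($data["request"]) && is_string($data["request"]) ? $data["request"] : "";

    $filter = new \Phalcon\Filter();
    $request = $filter->sanitize($operation, array("string", "lower"));

    $response = null;
    switch ($request) {
        case "getcapabilities":
            $response = getCapabilities();
            break;
        case "describefeaturetype":
            $response = describeFeatureType($data);
            break;
        case "getfeatures":
            $response = getFeatures($data);
            break;
        case "delete":
            $response = delete($data);
            break;
        case "create":
            $response = create($data);
            break;
        case "update":
            $response = update($data);
            break;
        case "transaction":
            $response = transaction($data);
            break;
    }

    $app->response->setContentType('application/json; charset=UTF-8')->sendHeaders();
    echo json_encode($response);
}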
/**
 * Regression test for issue 1265: how get(), getQuery() and getPost() treat a
 * scalar and an array value under the 'string' filter.
 *
 * The assertions document a point that matters to callers handling untrusted
 * input: with only a filter given, an array-valued parameter comes back as an
 * array, not as a string. Only the five-argument form (third argument NULL,
 * fourth and fifth TRUE) yields NULL for the array value.
 * NOTE(review): the fourth and fifth arguments are presumably Phalcon's
 * notAllowEmpty / noRecursive flags; confirm against the version under test.
 */
public function testIssues1265()
{
    $container = new Phalcon\DI\FactoryDefault();
    $request = new \Phalcon\Http\Request();
    $request->setDI($container);

    // The same payload is visible through every superglobal the accessors read.
    $payload = array(
        'string' => 'hello',
        'array' => array('string' => 'world'),
    );
    $_POST = $payload;
    $_GET = $payload;
    $_REQUEST = $payload;

    // get, getQuery and getPost are expected to behave identically.
    foreach (array('get', 'getQuery', 'getPost') as $accessor) {
        $this->assertEquals($request->{$accessor}('string', 'string'), 'hello');
        $this->assertEquals($request->{$accessor}('string', 'string', null, true, true), 'hello');
        $this->assertEquals($request->{$accessor}('array', 'string'), array('string' => 'world'));
        $this->assertEquals($request->{$accessor}('array', 'string', null, true, true), null);
    }
}
// Tail of a login route handler; its opening lies above this excerpt.
    $last_login_date = date('Y-m-d H:i:s');
    // The POST field `reg_ip` takes precedence; REMOTE_ADDR is used only when that
    // field is missing or falsy (`or` binds looser than `=`).
    // NOTE(review): `reg_ip` is caller-supplied, so the recorded login IP is only as
    // trustworthy as the client sending it; confirm that only trusted back-ends can
    // reach this route.
    $last_login_ip = $request->getPost('reg_ip') or $last_login_ip = $request->getServer('REMOTE_ADDR');
    BaseController::run(new SsoController(), 'postLoginAction', array($username, $password, $last_login_date, $last_login_ip));
});

// Looks up the user behind an SSO ticket. The route pattern restricts the ticket to
// digits and upper-case letters; BaseController::auth() runs before the action.
$app->get('/api/sso/user/{ticket:[0-9A-Z]+}', function ($ticket) {
    BaseController::auth();
    // Profile fields requested from getUserAction.
    $needs = array('portrait', 'nickname', 'gender');
    BaseController::run(new SsoController(), 'getUserAction', array($ticket, $needs));
});

/**
 * Uploads API
 */
// Returns a user's portrait. The uid is limited to digits by the route pattern.
$app->get('/api/upload/user/portrait/{uid:[0-9]+}', function ($uid) {
    BaseController::auth();
    $request = new Phalcon\Http\Request();
    // Defaults to '50' when `size` is absent or falsy. The value is passed on
    // unvalidated; presumably getUserPortraitAction restricts it. Verify.
    $size = $request->get('size') or $size = '50';
    // Accept header split on commas (any quality parameters stay attached).
    $accepts = explode(',', $request->getHeader('ACCEPT'));
    BaseController::run(new UploadController(), 'getUserPortraitAction', array($uid, $size, $accepts));
});

// Stores new portraits for a user.
// NOTE(review): whether auth() ties the caller to this particular uid is not visible
// here; confirm that one user cannot replace another user's portrait.
$app->post('/api/upload/user/portrait/{uid:[0-9]+}', function ($uid) {
    BaseController::auth();
    // Only these form fields are accepted; any other uploaded file is ignored.
    $input_names = array('portrait_50', 'portrait_140', 'portrait_260');
    $files = array();
    foreach ($_FILES as $name => $file) {
        // error == 0 is UPLOAD_ERR_OK. Both comparisons are loose (in_array without
        // the strict flag, ==). No content-type or size check happens in this
        // closure; presumably postUserPortraitAction validates the files. Verify.
        if (in_array($name, $input_names) && $file['error'] == 0) {
            $files[$name] = $file;
        }
    }
    BaseController::run(new UploadController(), 'postUserPortraitAction', array($uid, $files));
});

// PUT variant of the portrait upload; the handler body continues below this excerpt.
$app->put('/api/upload/user/portrait/{uid:[0-9]+}', function ($uid) {
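/**
 * Proxies a WMS request to MapServer using the cached mapfile of one context,
 * checking read permission on the requested layers when an authentication
 * module is active.
 *
 * Request parameters are untrusted. Model lookups therefore use bound
 * parameters, the MAP parameter is always the one computed here, and layer names
 * are collected case-insensitively so the layers that are authorized are the
 * ones that get forwarded.
 *
 * @param mixed $contexteId Identifier of the IgoContexte whose mapfile is served.
 *
 * @return void Writes the proxied headers and body, or terminates with a short message.
 */
function wms_proxy($contexteId)
{
    global $app;

    $httprequest = new Phalcon\Http\Request();
    $httprequest->setDI($app->getDI());

    // Possible sanitize filters: string, email, int, float, alphanum, striptags, trim, lower, upper
    $filter = new \Phalcon\Filter();

    if (!$httprequest->isGet() && !$httprequest->isPost()) {
        // TODO: handle the error; a WMS service cannot be called with PUT or DELETE.
        error_log("not a get or a post?");
        return;
    }

    // WMS parameter names are case-insensitive: use an upper-cased view to read
    // SERVICE and REQUEST, tolerating a missing or array-valued parameter.
    $params = array_change_key_case($httprequest->get(), CASE_UPPER);
    $rawService = isset($params["SERVICE"]) && is_string($params["SERVICE"]) ? $params["SERVICE"] : "";
    $rawRequest = isset($params["REQUEST"]) && is_string($params["REQUEST"]) ? $params["REQUEST"] : "";
    $service = $filter->sanitize($rawService, array("string", "upper"));
    $request = $filter->sanitize($rawRequest, array("string", "upper"));

    error_log("service: {$service}, request: {$request}");

    if ($service !== "WMS") {
        die("Seul les services WMS sont pris en charge par ce proxy.");
    }

    $config = $app->getDI()->get("config");
    $mapserver = $config['mapserver']['host'] . $config['mapserver']['mapserver_path'] . $config['mapserver']['executable'];

    // Bound parameter instead of interpolating the identifier into the condition.
    $contexte = IgoContexte::findFirst(array(
        "conditions" => "id = :id:",
        "bind" => array("id" => $contexteId),
    ));
    if (!$contexte) {
        // Without a context there is no mapfile to serve.
        error_log("wms_proxy: contexte not found");
        return;
    }

    $map = $config['mapserver']['mapfileCacheDir'] . $config['mapserver']['contextesCacheDir'] . $contexte->code . ".map";
    $method = $httprequest->getMethod();

    // Forward the caller's parameters as received, but drop every spelling of MAP
    // first so that the mapfile chosen here is the only one sent upstream.
    $data = $httprequest->get();
    foreach (array_keys($data) as $key) {
        if (strtoupper((string) $key) === "MAP") {
            unset($data[$key]);
        }
    }
    $data["MAP"] = $map;

    $response = null;
    switch ($request) {
        case "GETCAPABILITIES":
            $response = proxy_request($mapserver, $data, $method);
            // Should layers without read permission be removed from the response? Probably too complex...
            break;

        case "GETMAP":
        case "GETFEATUREINFO":
        case "DESCRIBELAYER":
        case "GETLEGENDGRAPHIC":
            $authentificationModule = obtenirAuthentificationModule();
            if ($authentificationModule === null) {
                $response = proxy_request($mapserver, $data, $method);
                break;
            }

            // Gather layer names from every spelling of LAYERS / LAYER so that each
            // layer forwarded upstream has been through the permission check.
            // NOTE(review): QUERY_LAYERS is not examined here; confirm whether it
            // needs the same check for GetFeatureInfo.
            $couches = array();
            foreach ($data as $key => $value) {
                $nomParametre = strtoupper((string) $key);
                if ($nomParametre !== "LAYERS" && $nomParametre !== "LAYER") {
                    continue;
                }
                if (!is_string($value)) {
                    die("Forbidden");
                }
                $couches = array_merge($couches, explode(",", $value));
            }
            if (count($couches) === 0) {
                // No layer named: fail closed rather than proxy an unchecked request.
                die("Forbidden");
            }

            foreach ($couches as $couche) {
                $igoVueContexteCoucheNavigateur = IgoVueContexteCoucheNavigateur::findFirst(array(
                    "conditions" => "mf_layer_name = :nom:",
                    "bind" => array("nom" => $couche),
                ));
                $coucheContexte = array($igoVueContexteCoucheNavigateur);
                // "Not found" is false or null depending on the Phalcon version.
                if (!$igoVueContexteCoucheNavigateur) {
                    $coucheContexte = IgoVueContexteCoucheNavigateur::find(array(
                        "conditions" => "mf_layer_group = :groupe: and contexte_id = :contexte:",
                        "bind" => array("groupe" => $couche, "contexte" => $contexteId),
                    ));
                }

                if (count($coucheContexte) === 0) {
                    // The user is asking for the mapfile's root layer, which stands for all layers.
                    // This kind of call is not allowed for now.
                    die("Forbidden");
                }

                // One readable entry is enough to allow the layer (or layer group).
                $estPermis = false;
                foreach ($coucheContexte as $igoVueContexteCoucheNavigateur) {
                    $permission = obtenirPermission($igoVueContexteCoucheNavigateur->couche_id);
                    if ($permission !== null && $permission->est_lecture) {
                        $estPermis = true;
                        break;
                    }
                }
                if (!$estPermis) {
                    die("Forbidden");
                }
            }

            $response = proxy_request($mapserver, $data, $method);
            break;

        default:
            break;
    }

    if ($response === null) {
        // Unsupported REQUEST value: nothing was proxied, so there is nothing to emit.
        return;
    }

    // NOTE(review): every upstream header line is replayed to the client as is;
    // consider forwarding only the headers the client needs (e.g. Content-Type).
    $headerArray = explode("\r\n", $response["header"]);
    foreach ($headerArray as $headerLine) {
        if ($headerLine !== "") {
            header($headerLine);
        }
    }
    echo $response["content"];
}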
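/**
 * Dispatches a service call named by the `request` parameter and writes the
 * handler's result to the response as JSON.
 *
 * Parameter names are folded to lower case and the operation name is sanitized
 * and lower-cased before dispatch, so every case label below must be lower case.
 * An absent or unknown operation produces a JSON `false`.
 *
 * NOTE(review): Request::get() with no name returns the merged request parameters,
 * so the mutating operations (delete, create, update, transaction, the grouping
 * and document operations) are reachable from a plain GET. No authentication,
 * authorization or CSRF check is visible in this function; confirm they are
 * enforced before this dispatcher runs.
 *
 * @return void
 */
function request()
{
    global $app;

    $httprequest = new Phalcon\Http\Request();
    $data = array_change_key_case($httprequest->get(), CASE_LOWER);

    // A missing or array-valued `request` parameter falls through to the default
    // branch instead of raising an undefined-index notice.
    $operation = isset($data["request"]) && is_string($data["request"]) ? $data["request"] : "";

    $filter = new \Phalcon\Filter();
    $request = $filter->sanitize($operation, array("string", "lower"));

    $response = null;
    switch ($request) {
        case "getcapabilities":
            $response = getCapabilities();
            break;
        case "describefeaturetype":
            $response = describeFeatureType($data);
            break;
        case "getfeatures":
            $response = getFeatures($data);
            break;
        case "delete":
            $response = delete($data);
            break;
        case "create":
            $response = create($data);
            break;
        case "update":
            $response = update($data);
            break;
        case "transaction":
            $response = transaction($data);
            break;

        /* For grouping */
        case "getassoclayers":
            $response = getAssocLayers($data);
            break;
        case "getgrouping":
            $response = getGrouping($data);
            break;
        case "describegrouping":
            $response = describeGrouping($data);
            break;
        case "creategrouping":
            $response = createGrouping($data);
            break;
        case "updategrouping":
            $response = updateGrouping($data);
            break;
        case "deletegrouping":
            $response = deleteGrouping($data);
            break;
        // The label was "getFeaturesFk"; $request is always lower case, so that
        // spelling could never match and the operation was unreachable.
        case "getfeaturesfk":
            $response = getFeaturesFk($data);
            break;
        case "duplicategrouping":
            $response = duplicateGrouping($data);
            break;
        case "associatedocument":
            $response = associateDocument($data);
            break;
        case "deletedocument":
            $response = deleteDocument($data);
            break;
        case "downloaddocument":
            $response = downloadDocument($data);
            // NOTE(review): the document is echoed here, before the JSON content type
            // is sent, and is then emitted again through json_encode() below.
            // Confirm this double output is intended.
            echo $response;
            break;
        case "getdocumentlist":
            $response = getDocumentList($data);
            break;
        case "getdocumentdescription":
            $response = getDocumentDescription($data);
            break;
        default:
            $response = false;
            break;
    }

    $app->response->setContentType('application/json; charset=UTF-8')->sendHeaders();
    echo json_encode($response);
}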
// Tail of a sign-in route handler; its opening lies above this excerpt.
    // Credentials are read from the POST body without a filter.
    // NOTE(review): an array-valued field (username[]=...) would presumably arrive
    // here as an array; confirm postSignInAction rejects non-string input.
    $username = $request->getPost('username');
    $password = $request->getPost('password');
    // Any truthy value turns "remember me" on.
    $auto_signin = $request->getPost('auto_signin') ? true : false;
    $last_login_date = date('Y-m-d H:i:s');
    // Login IP as reported by the web server for this connection.
    $last_login_ip = $request->getServer('REMOTE_ADDR');
    (new MainController())->postSignInAction($username, $password, $auto_signin, $last_login_date, $last_login_ip);
});

// Ends the session.
// NOTE(review): sign-out is a state change exposed over GET; confirm that a
// cross-site request triggering it is acceptable, or require POST with a token.
$app->get('/signout', function () {
    (new MainController())->getSignOutAction();
});

// Serves the captcha image.
$app->get('/user/action/captcha/image', function () {
    (new UserActionController())->getCaptchaImageAction();
});

// Field check endpoint: `name` selects the check and `value` is the input to test.
// NOTE(review): no authentication is visible in this closure, and `value` is passed
// on unfiltered; confirm the username / nickname checks are rate limited.
$app->get('/user/action/check', function () use($app) {
    $request = new Phalcon\Http\Request();
    $name = $request->get('name');
    $value = $request->get('value');
    $action = new UserActionController();
    switch ($name) {
        case 'captcha':
            $action->getCheckCaptchaAction($value);
            break;
        case 'username':
            $action->getCheckUsernameAction($value);
            break;
        case 'nickname':
            $action->getCheckNicknameAction($value);
            break;
        // Unknown check name: answer with a JSON 404.
        default:
            $action->responseJson('404', 'Not Found')->send();
            break;